Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/e75e46c0-2d4d-42fd-a050-85f835672397.roa
File: e75e46c0-2d4d-42fd-a050-85f835672397.roa (raw, json)
Hash identifier: yK5G6hlAiKxdeIYr7KaXuLhakjH0fVcWuMqrGAJ7S/4=
Subject key identifier: B1:A1:C1:F7:D7:7A:AD:62:F2:FC:63:26:F5:F1:62:92:34:D3:99:4C
Certificate issuer: /CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Certificate serial: 435F2835E5858C5FCFC9C382B778F9DEA4C38DC3
Authority key identifier: 4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/e75e46c0-2d4d-42fd-a050-85f835672397.roa
Signing time: Mon 29 Sep 2025 15:40:34 +0000
ROA not before: Mon 29 Sep 2025 15:40:34 +0000
ROA not after: Mon 03 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2001:3fc7:9000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:5f:28:35:e5:85:8c:5f:cf:c9:c3:82:b7:78:f9:de:a4:c3:8d:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e9f45fd65cea47fce533f11cfc15c475554dfbc
Validity
Not Before: Sep 29 15:40:34 2025 GMT
Not After : Nov 3 23:59:59 2025 GMT
Subject: serialNumber=3edab841ee1a0567a0f4119337905ae77de2fda36b11293e3b33828b5f6720a8, CN=f6903138-420a-4c84-bf3d-9aea81f23eb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:bf:f6:b6:84:91:df:0e:8d:6c:eb:dc:e9:75:
b4:ca:53:74:27:15:17:81:da:5a:9d:2a:01:68:3a:
da:60:05:c6:3e:99:07:2d:c2:bb:28:03:6b:c0:70:
03:b4:38:91:6e:da:0f:67:70:21:10:62:06:16:d6:
5c:2e:ed:10:55:8f:b6:3c:8d:9e:3c:16:db:2e:a6:
14:5d:3f:f2:56:ca:64:47:32:7e:66:6c:b5:b0:7b:
22:e0:09:17:97:a7:12:dd:36:9a:aa:87:43:98:54:
dd:19:c7:6d:4b:b3:d1:cd:02:50:7e:76:a7:bf:c8:
18:18:db:ce:6b:30:48:e1:82:81:47:f7:b8:05:28:
79:fe:6d:78:cb:97:83:8f:f9:35:45:31:95:01:f9:
c1:70:a9:9d:c4:20:fb:2e:15:8c:00:83:b1:8a:1e:
bc:fa:36:d8:64:70:2f:aa:a7:0b:b7:8a:05:1f:dd:
71:7b:ae:d5:3d:9f:7a:be:77:b0:b7:b0:ff:5c:81:
d1:a4:62:c9:36:a6:15:e5:42:d1:38:d1:af:de:4f:
0c:28:48:34:ce:47:91:ab:59:65:24:24:fc:41:b6:
3d:86:c8:1f:cf:53:b1:6b:a1:7b:9c:c5:13:9f:e5:
fd:fe:95:71:9e:0c:e3:c1:65:b3:c8:7e:b7:62:66:
c5:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:A1:C1:F7:D7:7A:AD:62:F2:FC:63:26:F5:F1:62:92:34:D3:99:4C
X509v3 Authority Key Identifier:
keyid:4E:9F:45:FD:65:CE:A4:7F:CE:53:3F:11:CF:C1:5C:47:55:54:DF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tp9F_WXOpH_OUz8Rz8FcR1VU37w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/e75e46c0-2d4d-42fd-a050-85f835672397.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/cfadba4d-134c-4a1e-9d9c-64e8c5d613f3/Ov-his08I996RofT9UA-owflnzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3fc7:9000::/36
Signature Algorithm: sha256WithRSAEncryption
91:33:7f:f7:a7:96:dc:fe:e3:5e:c9:36:ac:8c:16:3a:f3:93:
57:55:cb:aa:2e:25:fc:48:33:6d:ff:10:ab:b4:f1:44:81:b5:
a7:5c:66:a3:5b:af:0a:e3:55:2b:42:55:4c:af:c6:7f:ee:20:
fb:fd:22:a8:fa:1b:46:fc:52:fe:e2:33:23:72:be:66:98:8f:
13:85:af:49:6f:16:ff:d5:aa:b6:70:7e:b2:f1:89:73:62:72:
63:fa:0e:92:8f:c6:ce:59:d8:f7:5b:bf:fb:f1:5b:bb:e3:d5:
96:f4:83:94:d2:44:56:4a:22:bd:df:d2:7e:6d:a6:41:5c:88:
30:f1:45:34:58:8b:64:4a:4d:ed:0f:3b:33:78:cd:5b:56:52:
21:91:10:0b:ae:72:70:ec:2e:85:f1:05:b8:fc:02:5d:ae:d1:
a0:9d:db:77:bd:f9:e7:7e:60:3c:e9:74:ce:9a:c0:37:b6:ae:
0d:50:f8:b8:67:49:25:10:6e:76:b3:03:30:61:c0:a6:08:4f:
39:47:c4:d9:fa:5d:2c:c8:17:8d:34:01:39:52:e6:98:a5:59:
cf:d3:7a:0a:ff:fa:ed:9f:6e:e6:ee:be:a7:1f:6e:67:29:53:
f2:01:d5:2b:a4:ef:4b:ed:84:a0:15:6a:32:0d:97:8a:ff:14:
88:85:11:d7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQ18oNeWFjF/PycOCt3j53qTDjcMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGU5ZjQ1ZmQ2NWNlYTQ3ZmNlNTMzZjExY2ZjMTVjNDc1
NTU0ZGZiYzAeFw0yNTA5MjkxNTQwMzRaFw0yNTExMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDNlZGFiODQxZWUxYTA1NjdhMGY0MTE5MzM3OTA1YWU3N2RlMmZkYTM2YjEx
MjkzZTNiMzM4MjhiNWY2NzIwYTgxLTArBgNVBAMTJGY2OTAzMTM4LTQyMGEtNGM4
NC1iZjNkLTlhZWE4MWYyM2ViNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALW/9raEkd8OjWzr3Ol1tMpTdCcVF4HaWp0qAWg62mAFxj6ZBy3CuygDa8Bw
A7Q4kW7aD2dwIRBiBhbWXC7tEFWPtjyNnjwW2y6mFF0/8lbKZEcyfmZstbB7IuAJ
F5enEt02mqqHQ5hU3RnHbUuz0c0CUH52p7/IGBjbzmswSOGCgUf3uAUoef5teMuX
g4/5NUUxlQH5wXCpncQg+y4VjACDsYoevPo22GRwL6qnC7eKBR/dcXuu1T2fer53
sLew/1yB0aRiyTamFeVC0TjRr95PDChINM5HkatZZSQk/EG2PYbIH89TsWuhe5zF
E5/l/f6VcZ4M48Fls8h+t2JmxWkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSxocH3
13qtYvL8Yyb18WKSNNOZTDAfBgNVHSMEGDAWgBROn0X9Zc6kf85TPxHPwVxHVVTf
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RwOUZfV1hP
cEhfT1V6OFJ6OEZjUjFWVTM3dy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9jZmFkYmE0ZC0xMzRjLTRhMWUtOWQ5Yy02NGU4YzVkNjEzZjMv
ZTc1ZTQ2YzAtMmQ0ZC00MmZkLWEwNTAtODVmODM1NjcyMzk3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvY2ZhZGJhNGQtMTM0Yy00YTFlLTlkOWMtNjRlOGM1ZDYx
M2YzL092LWhpczA4STk5NlJvZlQ5VUEtb3dmbG56WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCABP8eQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCRM3/3p5bc/uNeyTasjBY685NXVcuqLiX8SDNt
/xCrtPFEgbWnXGajW68K41UrQlVMr8Z/7iD7/SKo+htG/FL+4jMjcr5mmI8Tha9J
bxb/1aq2cH6y8YlzYnJj+g6Sj8bOWdj3W7/78Vu749WW9IOU0kRWSiK939J+baZB
XIgw8UU0WItkSk3tDzszeM1bVlIhkRALrnJw7C6F8QW4/AJdrtGgndt3vfnnfmA8
6XTOmsA3tq4NUPi4Z0klEG52swMwYcCmCE85R8TZ+l0syBeNNAE5UuaYpVnP03oK
//rtn27m7r6nH25nKVPyAdUrpO9L7YSgFWoyDZeK/xSIhRHX
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:00:44 2025 by rpki-client